Ragib Hasan Johns Hopkins University en.600.412 Spring 2011 Lecture 1 01/31/2011 Security and Privacy in Cloud Computing.

Slides:



Advertisements
Similar presentations
CHANGING THE WAY IT WORKS Cloud Computing 4/6/2015 Presented by S.Ganesh ( )
Advertisements

Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 3 02/15/2010 Security and Privacy in Cloud Computing.
Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 8 04/11/2011 Security and Privacy in Cloud Computing.
Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2012 Lecture 2 08/21/2012 Security and Privacy in Cloud Computing.
Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 3 02/14/2010 Security and Privacy in Cloud Computing.
Slide credits: Ragib Hasan, Johns Hopkins University CS573 Data privacy and security in the cloud.
Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 1 01/25/2010 Security and Privacy in Cloud Computing.
Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2011 Lecture 1 08/16/2011 Security and Privacy in Cloud Computing.
Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 11 04/25/2011 Security and Privacy in Cloud Computing.
INTRODUCTION TO CLOUD COMPUTING CS 595 LECTURE 6 2/13/2015.
Cloud Computing PRESENTED BY- Rajat Dixit (rd2392)
Bharat Bhargava Computer Science Purdue University Research in Cloud Computing YounSun Cho Computer Science Purdue.
Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 5 03/08/2010 Security and Privacy in Cloud Computing.
COMS E Cloud Computing and Data Center Networking
CLOUD Demystifying the Jesse Dunietz SASS Talk A Survey of Cloud Computing.
What is Cloud Computing? o Cloud computing:- is a style of computing in which dynamically scalable and often virtualized resources are provided as a service.
CLOUD PRIVACY AND SECURITY CS 595 LECTURE 15 4/15/2015.
INTRODUCTION TO CLOUD COMPUTING CS 595 LECTURE 4.
Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2013 Lecture 3 09/03/2013 Security and Privacy in Cloud Computing.
Presented by Sujit Tilak. Evolution of Client/Server Architecture Clients & Server on different computer systems Local Area Network for Server and Client.
SaaS, PaaS & TaaS By: Raza Usmani
Addition to Networking.  There is no unique and standard definition out there  Cloud Computing is a general term used to describe a new class of network.
Chapter-7 Introduction to Cloud Computing Cloud Computing.
Cloud Computing – The Cloud Dr. Jie Liu. Definition  Cloud computing is Web-based processing, whereby shared resources, software, and information are.
Threat Modeling for Cloud Computing (some slides are borrowed from Dr. Ragib Hasan) Keke Chen 1.
Ragib Hasan Johns Hopkins University en Spring 2010 Lecture 2 02/01/2010 Security and Privacy in Cloud Computing.
Clouds on IT horizon Faculty of Maritime Studies University of Rijeka Sanja Mohorovičić INFuture 2009, Zagreb, 5 November 2009.
Cloud Computing All Copyrights reserved to Talal Abu-Ghazaleh Organization
Security and Privacy: Can we trust the cloud?
Cloud Computing الحوسبة السحابية. subject History of Cloud Before the cloud Cloud Conditions Definition of Cloud Computing Cloud Anatomy Type of Cloud.
Cloud Computing Cloud Computing Class-1. Introduction to Cloud Computing In cloud computing, the word cloud (also phrased as "the cloud") is used as a.
Osama Shahid ( ) Vishal ( ) BSCS-5B
Cloud Computing Saneel Bidaye uni-slb2181. What is Cloud Computing? Cloud Computing refers to both the applications delivered as services over the Internet.
Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over the Internet. Cloud is the metaphor for.
Cloud Computing Kwangyun Cho v=8AXk25TUSRQ.
CLOUD COMPUTING. What is cloud computing ? History Virtualization Cloud Computing hardware Cloud Computing services Cloud Architecture Advantages & Disadvantages.
Computer Science and Engineering 1 Cloud ComputingSecurity.
Introduction to Cloud Computing
Cloud Computing & Amazon Web Services – EC2 Arpita Patel Software Engineer.
Ragib Hasan University of Alabama at Birmingham CS 491/691/791 Fall 2013 Lecture 1 08/27/2013 Security and Privacy in Cloud Computing.
Cloud Computing Dave Elliman 11/10/2015G53ELC 1. Source: NY Times (6/14/2006) The datacenter is the computer!
Presented by: Mostafa Magdi. Contents Introduction. Cloud Computing Definition. Cloud Computing Characteristics. Cloud Computing Key features. Cost Virtualization.
What is the cloud ? IT as a service Cloud allows access to services without user technical knowledge or control of supporting infrastructure Best described.
1 NETE4631 Course Wrap-up and Benefits, Challenges, Risks Lecture Notes #15.
INTRODUCTION TO CLOUD COMPUTING ggg UNDERSTANDING CLOUD COMPUTING UNDERSTANDING CLOUD COMPUTING DEFINITION CLOUD COMPUTING.
UC Berkeley Clouds Above the clouds : A Berkeley View of Cloud Computing Electrical Engineering and Computer Sciences University of California at Berkeley.
CLOUD COMPUTING. What is cloud computing ? History Virtualization Cloud Computing hardware Cloud Computing services Cloud Architecture Advantages & Disadvantages.
Cloud computing Cloud Computing1. NIST: Five essential characteristics On-demand self-service Computing capabilities, disks are demanded over the network.
IS3321 Information Systems Solutions for the Digital Enterprise Lecture 1: Introduction to IS3321 – what is a digital enterprise? Rob Gleasure
3/12/2013Computer Engg, IIT(BHU)1 CLOUD COMPUTING-1.
Web Technologies Lecture 13 Introduction to cloud computing.
1 TCS Confidential. 2 Objective : In this session we will be able to learn:  What is Cloud Computing?  Characteristics  Cloud Flavors  Cloud Deployment.
KAASHIV INFOTECH – A SOFTWARE CUM RESEARCH COMPANY IN ELECTRONICS, ELECTRICAL, CIVIL AND MECHANICAL AREAS
Lecture 6: Cloud Computing
Unit 3 Virtualization.
A Survey of Cloud Computing
Threat Modeling for Cloud Computing
11. Looking Ahead.
Lecture 20: Cloud Security
Chapter 6: Securing the Cloud
Rob Gleasure robgleasure.com
By: Raza Usmani SaaS, PaaS & TaaS By: Raza Usmani
The Future? Or the Past and Present?
Cloud computing-The Future Technologies
Recommendation 6: Using ‘cloud computing’ to meet the societal need ‘Faster and transparent access to public sector services’ Cloud computing Faster and.
CLOUD COMPUTING Presented By:- EduTechlearners
Computer Science and Engineering
Presentation transcript:

Ragib Hasan Johns Hopkins University en Spring 2011 Lecture 1 01/31/2011 Security and Privacy in Cloud Computing

Welcome to the class Administrative details When? : Monday 3pm-3.50pm Where?: Shaffer 302 Web: Instructor: Ragib Hasan, 324NEB, Office hours: Monday 4pm-5pm (more TBA) 1/31/20112en Spring 2011

Introductions Please tell us – Your name – What level (grad, undergrad, PhD/MS/BS) you are currently – Your advisor – Your research interests – Anything fun/interesting about you 1/31/2011en Spring 20113

Goals of the course Identify the cloud computing security issues Explore cloud computing security issues Learn about latest research 1/31/20114en Spring 2011

Plan Each week, we will – Pick a different cloud computing security topic – Discuss general issues on the topic – Read one or two latest research paper on that topic 1/31/20115en Spring 2011

Evaluations Based on paper reviews – Students taking the course for credit will have to submit 1 paper review per week – The reviews will be short, 1 page discussion of the paper’s pros and cons (format will be posted on the class webpage) 1/31/20116en Spring 2011

Example Review Summary Mention what problem the paper addresses. What is the approach, and what are the results. Pros Advantages or features you liked. At least 3. Cons Disadvantages or shortcomings. At least 3. Ideas How can you improve the system? Short 2/3 sentence comment on your ideas. 1/31/2011en Spring 20117

Topics we will cover 1/31/2011en Spring Data and computation integrity and confidentiality Infrastructure, topology Data Privacy NetworkingForensics

What is Cloud Computing? 1/31/20119en Spring 2011 Let’s hear from the “experts”

What is Cloud Computing? 1/31/2011en Spring The infinite wisdom of the crowds (via Google Suggest)

What is Cloud Computing? 1/31/2011en Spring Larry Ellison, founder of Oracle We’ve redefined Cloud Computing to include everything that we already do.... I don’t understand what we would do differently in the light of Cloud Computing other than change the wording of some of our ads.

What is Cloud Computing? 1/31/2011en Spring Richard Stallman GNU It’s stupidity. It’s worse than stupidity: it’s a marketing hype campaign

What is Cloud Computing? 1/31/2011en Spring Ron Rivest The R of RSA Cloud Computing will become a focal point of our work in security. I’m optimistic …

So, What really is Cloud Computing? Cloud computing is a new computing paradigm, involving data and/or computation outsourcing, with – Infinite and elastic resource scalability – On demand “just-in-time” provisioning – No upfront cost … pay-as-you-go 1/31/2011en Spring That is, use as much or as less you need, use only when you want, and pay only what you use,

The real story “Computing Utility” – holy grail of computer science in the 1960s. Code name: MULTICS 1/31/2011en Spring Why it failed? Ahead of time … lack of communication tech. (In other words, there was NO (public) Internet) And personal computer became cheaper and stronger

The real story Mid to late ’90s, Grid computing was proposed to link and share computing resources 1/31/2011en Spring

The real story … continued 1/31/2011en Spring Post-dot-com bust, big companies ended up with large data centers, with low utilization Solution: Throw in virtualization technology, and sell the excess computing power And thus, Cloud Computing was born …

Cloud computing provides numerous economic advantages For clients: – No upfront commitment in buying/leasing hardware – Can scale usage according to demand – Barriers to entry lowered for startups For providers: – Increased utilization of datacenter resources 1/31/2011en Spring

Cloud computing means selling “X as a service” IaaS: Infrastructure as a Service – Selling virtualized hardware PaaS: Platform as a service – Access to a configurable platform/API SaaS: Software as a service – Software that runs on top of a cloud 1/31/2011en Spring

Cloud computing architecture 1/31/2011en Spring e.g., Web browser SaaS, e.g., Google Docs PaaS, e.g., Google AppEngine IaaS, e.g., Amazon EC2

Different types of cloud computing 1/31/2011en Spring Amazon EC2 Clients can rent virtualized hardware, can control the software stack on the rented machines Google AppEngine Provides a programmable platform that can scale easily Microsoft Azure Clients can choose languages, but can’t change the operating system or runtime IaaS PaaS

So, if cloud computing is so great, why aren’t everyone doing it? 1/31/2011en Spring Clouds are still subject to traditional data confidentiality, integrity, availability, and privacy issues, plus some additional attacks

Companies are still afraid to use clouds 1/31/2011en Spring [Chow09ccsw]

Anatomy of fear … Confidentiality – Will the sensitive data stored on a cloud remain confidential? Will cloud compromises leak confidential client data (i.e., fear of loss of control over data) – Will the cloud provider itself be honest and won’t peek into the data? 1/31/2011en Spring

Anatomy of fear … Integrity – How do I know that the cloud provider is doing the computations correctly? – How do I ensure that the cloud provider really stored my data without tampering with it? 1/31/2011en Spring

Anatomy of fear … Availability – Will critical systems go down at the client, if the provider is attacked in a Denial of Service attack? – What happens if cloud provider goes out of business? 1/31/2011en Spring

Anatomy of fear … Privacy issues raised via massive data mining – Cloud now stores data from a lot of clients, and can run data mining algorithms to get large amounts of information on clients 1/31/2011en Spring

Anatomy of fear … Increased attack surface – Entity outside the organization now stores and computes data, and so – Attackers can now target the communication link between cloud provider and client – Cloud provider employees can be phished 1/31/2011en Spring

Anatomy of fear … Auditability and forensics – Difficult to audit data held outside organization in a cloud – Forensics also made difficult since now clients don’t maintain data locally 1/31/2011en Spring

Anatomy of fear … Legal quagmire and transitive trust issues – Who is responsible for complying with regulations (e.g., SOX, HIPAA, GLBA)? – If cloud provider subcontracts to third party clouds, will the data still be secure? 1/31/2011en Spring

What we need is to … Adapt well known techniques for resolving some cloud security issues Perform new research and innovate to make clouds secure 1/31/2011en Spring

Final quote 1/31/2011en Spring [Cloud Computing] is a security nightmare and it can't be handled in traditional ways. John Chambers CISCO CEO

1/31/201133en Spring 2011 Further Reading Armbrust et al., Above the Clouds: A Berkeley View of Cloud Computing, UC Berkeley Tech Report UCB/EECS , February Chow et al., Cloud Computing: Outsourcing Computation without Outsourcing Control, 1 st ACM Cloud Computing Security Workshop, November 2009.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.